Software-Defined Wide Area Network (SD-WAN), as a killer application featuring SDN and NFV, is now attracting much attention. In fact, it was not just another promising future technology, but has already been adopted in many commercial networks around the world.

Globally (especially in the USA), the past two years have witnessed many enterprises migrating from conventional operator-provided WAN services (like MPLS and TDM) to building and managing the SD-WAN network itself.

In response to such shift, operators, especially the USA-based ones, have been rolling up their sleeves and aggressively launching SD-WAN solutions since second half last year.

SD-WAN could gain such popularity because (1) WAN bandwidth can be dramatically expanded using ultra-low cost broadband link, (2) its multiple underlayed networks give improved availability, (3) it allows for faster speeds and lower OPEX as provisioning, update and setting change can be performed by central server.

When we think of delivering corporate data traffic through the Internet, the first and biggest concern that comes to our mind would be security and quality.

SD-WAN performs encryption for all traffic exchanged among SD-WAN CPEs before they are sent via IPsec channels.

An MPLS network, although relatively expensive compared to broadband Internet, does offer high quality service. But, broadband Internet service does not come with SLA like MPS VPN does, so there is no guarantee regarding latency or packet loss. So, you get what you get, and it is mostly for home users.

For that reason, there have been reasonable concerns among enterprises about delivering highly critical application traffic like VoIP, video conferencing, ERP, etc.

Despite these concerns, SD-WAN has been widely adopted, primarily because of SD-WAN vendors who provide various and proprietary path and quality control features. Leading SD-WAN vendors like Velocloud, Viptela, Versa Networks, Cisco, Juniper, Riverbed, Silver Peak and Citrix, serve enterprise customers either by selling SD-WAN solutions directly to them or by offering the same to telcos so that they can provide managed SD services to enterprise customers.

Path and quality control features provided by each SD-WAN vendor are slightly different from vendor to vendor (just like Mobile Video Optimization vendors had their own optimization methods a few years ago).

SD-WAN controller is in charge of delivering policies to each SD-WAN CPE and can come in many different configurations.

Silver Peak’s solution offers five path-selection policies {low-loss, low-latency, load balancing, preferred i/f} to choose from and the IT guy of an enterprise select one of them for each application.

1. Path selection by application

First, WAN paths (either MPLS or Internet) are selected for each application - for example, MPLS path for VoIP, video conferencing and ERP, but Internet for others.

2. Dynamic Path Control (DPC)

Both MPLS and Internet are packet networks. Packet networks are always at the risk of facing congestion. Therefore, what SD-WAN solution need most is a path control solution that allows for each application to dynamically switch their paths in real-time, in response to network conditions, rather than sticking to one particular network.

For instance, if DPC is enabled and “low-loss” policy is applied, a VoIP application can ensure VoIP packets are delivered through the best possible path at all time by dynamically switching between MPLS and Internet paths depending on the packet loss conditions in the network (Note: It is different from load balancing between two paths).

All the IT guy of enterprise has to do is to specify “low-loss” or “low-latency” levels for each application.

3. Tunnel Bonding

For applications such as Data Relation, Backup, and File Transfer, the more available bandwidth they have, the better performance they can have.

Time saving in uploading and downloading data can be drastic when all available paths, rather than one particular path, can be utilized.

Silver Peak calls it "Tunnel Bonding". It performs per-packet load balancing to distribute the packets belonging to one flow to different WAN paths, thereby achieving maximum throughput. The basic concept of the technology is quite similar to Multi-Path TCP (MPTCP), that has been adopted in commercial networks in South Korea.

However, a drawback of this solution was that, because it distributes packets within a flow via different paths (i.e., either MPLS or Internet), packets delivered to the receiving end are not in the original order sent by the sending end.

This results in TCP retransmission, resulting in throughput degradation. To address this issue, Silver Peak introduced Packet Order Correction (POC), a re-sequencing process performed by SD-WAN CPE on the receiving end.

4. FEC (Forward Error Control)

In Internet networks, packet loss is not guaranteed. So packets somehow lost on the way can trigger TCP retransmission, which significantly lowers TCP throughput. So what Silver Peak came up with was to insert FEC packets to somewhere among the packets being transmitted. As seen in the figure below, the FEC packet may be sent through MPLS separately, or through the Internet with other packets.

As discussed so far, Silver Peak solution i) dynamically switches paths in real time according to the quality condition of each path (DPC: dynamic path control), ii) carries out per-packet load balancing by using all paths available (Tunnel Bonding), improving data transmission throughput, iii) minimizes the effect of incidents during data transmission (like Out-of-Order and packet loss) by means of packet order control and FEC, effectively enhancing throughput.

Silver Peak SD-WAN solution has empowered the Internet path, a less safe and reliable path compared to MPLS, to offers better efficiency and quality.

Now that we have discussed SD-WAN path and quality control by Silver Peak, let’s continue to explore solutions from other vendors as well.

Good article we at Riverbed have decided to go a step further and provide a on premise controller Based on MANO instantiation of the Virtual Network functions. So just providing performance benefits will not be enough. Giving Large Enterprises and Service Providers the ability to control the service is paramount. As well we are providing visibility into the applications as well the health of infrastructure and he underlay network.

Andy via LinkedIn2017-07-13 11:39:49

Excellent article for the equipment vendor

Stuart (Gamma) via LinkedIn2017-07-13 11:47:14

A good clear explanation and comparison of SD-WAN... watch this space.

Anil (Tata Consultancy Services) via Lin2017-07-13 15:28:49

Excellent article. Dynamic Path Control would be the way forward in the network abstraction scenario

Ivan (Virtual1) via LinkedIn2017-07-13 15:30:16

I see SD WAN being really useful for rapid deployment of 4G solutions into a WAN in the UK or for linking international sites cost effectively.

In the U.K. Market connectivity is inexpensive and the challenge of long connecting between cities is trivial compared with the US or overseas where moving between regional carriers increases the cost a lot.

So for the UK, SDN makes a lot of sense in that you can control the WAN bandwidth and many network functions centrally. Adding VLANs, IPs, QoS etc via a GUI is a major advancement over legacy WAN.

SD-WAN still requires decent internet connectivity and can leverage the SDN functions from the internet supplier.